Why does Google block RCS messages on rooted devices?

Why does Google block RCS messages on rooted devices?

RCSacronym for “Rich Communication Services” is a standard designed to improve the messaging experience on mobile devices. Unlike traditional SMS, RCS offers advanced features similar to those provided by apps instant messagingsuch as WhatsApp, Telegram, Signal, Messenger and all the others.

As we saw in the article on how RCS works, it is not an “invention” of Google but one standard officially approved already in 2008 by the GSM Association (GSMA) but remained effectively unused for years. Today, even if some telecommunications operators have not yet aligned themselves, many providers have embraced it RCS at the mobile network level.

With the aim of extending the use of RCS, Google allows the use of the standard – for example – through its app Messages leaning on the Data connection (mobile operator network and WiFi) and its servers. In this way, regardless of the actual mobile network level support of the RCS standard, i rich messages can flow seamlessly between sender and recipient.

In Google Messagesjust go to the app settings, choose the item Chat RCS then enable the “switch” Enable RCS chats to enjoy all the advantages of the standard. We mention, for example, the possibility of sending images, emojis, receiving reading receipts, obtaining typing indicators (you can know when the other user is typing…) and much more.

The devices subjected to rooting they are not inherently unsafe

Some of the most well-known experts strongly support the following concept: “if you cannot access the root of the deviceyou don’t really own it“. In other words, if a user cannot be free to verify and manage even the most hidden and lowest level aspects of any terminal, he would always be subject to the will of third parties. For example, the smartphone manufacturer, application developers, other entities that compete in the chain for the provision of any service.

The vast majority of banking applications for mobile devices, for example, verify that the device has not been subjected to rooting. If so, access to the app is automatically blocked for security reasons.

Here we could open an endless discussion on the reasons for this practice and on whether these behaviors are more or less permissible. We will simply observe that the security of an application or service cannot and must not depend on client-side configuration. If anything, in some circumstances, a device subjected to rooting which he performs malicious software could be an easier target for attack. But whoever successfully executes the rooting of his Android terminal, he is hardly a novice user. And in general he is well aware of the trade-off between risks and benefits that rooting the device brings with it.

Google blocks RCS on rooted devices

In recent weeks, many users have complained that i RCS messages no longer worked about “rooted devices”. In other words, using Google Messages for example, the communications did not arrive at their destination but suddenly disappeared without showing any notification to the user.

By default, when your phone can’t or fails to lean on RCS, it should automatically fall back on SMS/MMS. The default behavior, however, would not have been activated for many users, putting them in a difficult situation.

Google has confirmed that the company’s technicians are working on block RCS on devices subjected to rooting as part of efforts to fight spam. According to spokespersons for the Mountain View company, today “a large volume of RCS spam comes from devices that function as bots” and which generally exploit operations of rooting previously carried out on the device itself.

Many have criticized the measure, believing it to be excessive. Google already offers a system to block SMS/MMS spamwhy not also apply it on RCS messages instead of completely preventing access to the functionality to all users who use “rooted” smartphones?

L’API Google Play Integrity

Google’s interventions seem to focus onAPI Play Integrity. This is a low-level tool integrated into Android that aims to ensure theintegrity and the safety of apps and games on Google Play. The API prevents unauthorized access to certain services by modified devices, such as those with root privileges or with an unlocked bootloader.

The Play Integrity APIs aim to reduce online fraud and possible abuses, such as the creation of bots or other automated tools that are potentially dangerous to the entire Android ecosystem.

The introduction of the API has raised concerns that it could be used in a discriminatory way, for example by blocking access to certain services and sites based on the browser used or the presence of specific software and configurations.

This is why projects like open source were born Play Integrity Fix. Available on GitHub, it allows you to pass the certification check and in this case make the devices usable again for sending and receiving RCS messages.

Opening image credit: – oatawa

Leave a Reply

Your email address will not be published. Required fields are marked *